{"id":"rhel9-security-from-hardware-to-policy","text":"RHEL 9 defense-in-depth extends from hardware-level security mitigations (SMT disable for L1TF/MDS, BPF JIT hardening, unprivileged BPF restrictions, MMIO buffer clearing) through software security controls (SELinux enforcing, firewalld active, system-wide crypto policies, granular audit logging), providing security assurance at every layer of the stack.","truth_value":"IN","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"rhel9-security-from-hardware-to-policy","truth_value":"IN","reason":"premise"}]}}